In addition as to claims 1, 16 and 29, the office action admits that Matyas "does not 
explicitly teach a variable security policy." but then goes on to state that Matyas teaches a 
network node means for periodically "obtaining the signature and the variable policy rule data" 
from the means for storing. (Citing column 16, lines 10-25). Since it is admitted that Matyas 
does not teach such a system, Matyas cannot be cited as teaching the claimed network node 
means or provide the steps relating to the network node and as such the claims are in condition 
for allowance. 

In fact, it appears that Matyas employs a static security policy technique wherein once a 
security policy has been determined, it is not changed and as noted in the cited portion of 
Matyas, column 16, lines 10-25, Matyas merely teaches that the network node can get a 
certificate issued if it sends the requisite information to a certificate authority. As claimed for 
example, the variable policy rule data allows for example, nodes, to have their policy varied and 
the node can then pull periodically, security policy certificates or any other suitable form of 
security policy information, to alter the security policy of a node and the node unilaterally 
enforces its own security policy. In contrast, Matyas teaches using an audit record and digital 
signature that are transmitted to a certification center in two messages and that the audit record 
contains a digital signature of the device or node requesting the certificate. A copy of the 
configuration vector is stored at this certification center and if the comparison is satisfactory, 
then the certification center will issue the requested certificate and will produce a signed 
certificate indicating the same. Thereafter, if a device attempts to change its configuration 
vector, the privacy key corresponding to the certified public key will automatically become 
unavailable for use in a network. As admitted in the office action, Matyas does not teach the 
claimed subject matter as it does not appear to contemplate variable security policy rule data. 
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In addition as to claims 12 and 25, the Van Oorschot reference has been cited as allegedly 
teaching what Matyas fails to contain. However, Van Oorschot is directed to a method for 
efficient management of certificate revocation lists (CRLs) and update information. It deals with 
the problem of CRLs potentially growing to unmanageable lengths and therefore allows CRLs to 
be segmented. Van Oorschot is directed to a system that among other things, utilizes a "delta" 
mechanism to update information in certificates. (Column 4, lines 27-29). There is no 
discussion of storing and managing variable security policy rule data at a network node as 
alleged in the office action in the cited portion. As such, the combination of Van Oorschot with 
Matyas fails to render the claims obvious. If the rejection is maintained, Applicants respectfully 
request a showing of which statements in the Van Oorschot reference allegedly teach, among 
other things, "storing and managing variable security policy rule data at a network node" as 
stated in the office action (see page 4). Since it is not mentioned, Applicants respectfully submit 
that the claims are in condition for allowance. 

As to the dependent claims, these claims also add additional novel and non-obvious 
subject matter. In addition, Applicants also note that these claims depend from allowable base 
claims. Applicants also respectfully reassert the relevant remarks made above as the Matyas 
reference and the Van Oorschot reference fail to teach the claimed subject matter. 
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Applicants respectfully submit that the claims are in condition for allowance and 
respectfully request that a timely Notice of Allowance be issued in this case. The Examiner is 
invited to contact the below-listed attorney if the Examiner believes that a telephone conference 
will advance the prosecution of this application. 



Vedder, Price, Kaufman & Kammholz, P.C. 

222 N. LaSalle Street 

Chicago, IL 60601 

312-609-7599 

312-609-5005 (Fax) 
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Respectfully submitted, 



Date: 





Registration No. 34,414 



